Pinned | Digging Deeper: Unearthing Business Logic Vulnerabilities in Web Applications | Farzad Unsplash | May 20, 2023
Pinned | SSRF in import file function | In this post, I’ll describe how I easily managed to exploit an SSRF vulnerability on target.com, a lot of information will be redacted for… | Jul 14, 2020
Navigating Tree-Sitter Queries with jsluice for JavaScript File Analysis | Tree-Sitter | Dec 26, 2023
Beyond Simple Alerts: Techniques for Evading WAF and Achieving XSS Success | TL;DR If you’re looking for ready-made payloads, go to the end of this blogpost, where I include some interesting ones. | Dec 22, 2023
Published in OSINT Team | Enhancing Bug Bounty Hunting with Lopseg OSINT | Free OSINT Tool | Dec 7, 2023